
Example of using an HTML Sanitizer blacklist.

Community Alums
Not applicable

I'm working in a test instance of Eureka and I would like to test out the HTML Sanitizer blacklist as shown here in the wiki.

 

I want to set up a simple blacklist that prohibits using image tags that reference a .jpg file in the src property. So far it doesn't work when I view a sample Knowledgebase entry I've made that uses an image tag with a .jpg source. The image appears every time. What am I doing wrong?

The system property for HTML Sanitizer is on, and the HTMLSanitizerConfig script include looks like this:

 

var HTMLSanitizerConfig = Class.create();
HTMLSanitizerConfig.prototype = {
    initialize: function() {
    },

    HTML_WHITELIST : {
        /*globalAttributes: {
            attribute:[],
            attributeValuePattern:{}
        },*/
    },

    HTML_BLACKLIST : {
        globalAttributes: {},
        img: {
            attribute:["src"],
            attributeValuePattern:{src:".*jpg"}
        },

    },

    getWhiteList : function() {
        return this.HTML_WHITELIST;
    },

    getBlackList : function() {
        return this.HTML_BLACKLIST;
    },

    type: 'HTMLSanitizerConfig'
}

1 ACCEPTED SOLUTION

Community Alums
Not applicable

Thanks to the assistance of HI, I got help to figure out how I configured this example wrong. What I needed to use was:

var HTMLSanitizerConfig = Class.create();
HTMLSanitizerConfig.prototype = {
    initialize: function() {
    },

    HTML_WHITELIST : {
        globalAttributes: {
            attribute:[],
            attributeValuePattern:{}
        },
    },

    HTML_BLACKLIST : {
        globalAttributes: {},
        img: {
            attribute:[],
            attributeValuePattern:{src:".*jp(e)?gx"}
        },
    },

    getWhiteList : function() {
        return this.HTML_WHITELIST;
    },

    getBlackList : function() {
        return this.HTML_BLACKLIST;
    },

    type: 'HTMLSanitizerConfig'
}

